Commit graph

3528 commits

Author SHA1 Message Date
Richard Henderson cf3c7824ff
target/arm: Implement SVE Floating Point Multiply Indexed Group
Backports commit ca40a6e6e390eb1cad7ade881dc7c622793f9324 from qemu
2018-07-03 03:35:49 -04:00
Richard Henderson c718ef4243
target/arm: Implement SVE floating-point arithmetic with immediate
Backports commit cc48affe83fff4b2886c064265d7103dee5e4a14 from qemu
2018-07-03 03:24:46 -04:00
Richard Henderson db1d39ab4a
target/arm: Implement SVE floating-point compare vectors
Backports commit abfdefd5bd444b629d16dcefc2b60ac8da37e87d from qemu
2018-07-03 03:14:24 -04:00
Richard Henderson be65f60799
target/arm: Implement SVE scatter store vector immediate
Backports commit 408ecde97bd30f8ec13f831976d0a9a6535bb569 from qemu
2018-07-03 03:09:51 -04:00
Richard Henderson 892a9a66eb
target/arm: Implement SVE first-fault gather loads
Backports commit ed67eb7fa2a63b6709ec94397d833bc3686f7833 from qemu
2018-07-03 03:06:07 -04:00
Richard Henderson 1782f20dde
target/arm: Implement SVE gather loads
Backports commit 673e9fa6c29e030f4ab6ceae5d0f50bd36fe0ee0 from qemu
2018-07-03 02:58:18 -04:00
Richard Henderson 3a5d095277
target/arm: Implement SVE prefetches
Backports commit dec6cf6b43a1e3b18626852064d1e6e863c9b681 from qemu
2018-07-03 02:42:06 -04:00
Richard Henderson b78e283513
target/arm: Implement SVE scatter stores
Backports commit f6dbf62a7e3d00e9a1dcc7fe3e53b32c3ed93e24 from qemu
2018-07-03 02:40:17 -04:00
Richard Henderson d71cdfa41f
target/arm: Implement SVE store vector/predicate register
Backports commit 5047c204d0d4a0fff616a24963b2b45c7d9ba4c4 from qemu
2018-07-03 02:32:10 -04:00
Richard Henderson c497dc0a83
target/arm: Implement SVE load and broadcast element
Backports commit 684598640dc3b28f86ccc28cc9af50ba257f4cc8 from qemu
2018-07-03 02:27:00 -04:00
Richard Henderson 2caa99929e
target/arm: Implement SVE Floating Point Accumulating Reduction Group
Backports commit 7f9ddf64d5fe5bfaa91ae0ec52217d86f4d86452 from qemu
2018-07-03 02:21:41 -04:00
Richard Henderson 44d89b4cb1
target/arm: Implement SVE FP Multiply-Add Group
Backports commit 6ceabaad1101b0b33490b0fd4bed5b6445b0a34e from qemu
2018-07-03 02:17:16 -04:00
Richard Henderson d1c5d5b728
target/arm: Implement SVE floating-point arithmetic (predicated)
Backports commit ec3b87c28eb120b6575cc1ed7bfbfbf1b0060163 from qemu
2018-07-03 02:13:04 -04:00
Richard Henderson e7f53b6d1b
target/arm: Implement SVE integer convert to floating-point
Backports commit 8092c6a314c9625d8976fb6c5b6969f2a1105cd8 from qemu
2018-07-03 02:05:50 -04:00
Richard Henderson 8a99e1bad2
target/arm: Implement SVE load and broadcast quadword
Backports commit 05abe304be2987cb3576729a14dab96e9ccfaec9 from qemu
2018-07-03 02:01:23 -04:00
Richard Henderson 3a51861c05
target/arm: Implement SVE Memory Contiguous Store Group
Backports commit 1a039c7e58533d5f9431a2064771113d5961c964 from qemu
2018-07-03 01:57:52 -04:00
Richard Henderson 22a155a5d4
target/arm: Implement SVE Contiguous Load, first-fault and no-fault
Backports commit e2654d757598d6c06d1ceb25c62ddf7d63cac32f from qemu
2018-07-03 01:52:38 -04:00
Richard Henderson da1eeb226e
target/arm: Implement SVE Memory Contiguous Load Group
Backports commit c4e7c493da2fdd2c92a7958e592e38200af2f1ba from qemu
2018-07-03 01:40:18 -04:00
Jan Kiszka a27161c7a0
target-i386: Mark cpu_vmexit noreturn
It calls cpu_loop_exit in system emulation mode (and should never be
called in user emulation mode).

Backports commit 50b3de6e5cd464dcc20e3a48f5a09e0299a184ac from qemu
2018-07-03 01:30:01 -04:00
Jan Kiszka fab6f4cd3a
target-i386: Allow interrupt injection after STGI
We need to terminate the translation block after STGI so that pending
interrupts can be injected.

This fixes pending NMI injection for Jailhouse which uses "stgi; clgi"
to open a brief injection window.

Backports commit df2518aa587a0157bbfbc635fe47295629d9914a from qemu
2018-07-03 01:29:43 -04:00
Jan Kiszka 7c01627388
target-i386: Add NMI interception to SVM
Check for SVM interception prior to injecting an NMI. Tested via the
Jailhouse hypervisor.

Backports commit 02f7fd25a446a220905c2e5cb0fc3655d7f63b29 from qemu
2018-07-03 01:25:29 -04:00
Paolo Bonzini b7e2e6ec04
osdep: work around Coverity parsing errors
Coverity does not like the new _Float* types that are used by
recent glibc, and croaks on every single file that includes
stdlib.h. Add dummy typedefs to please it.

Backports commit a1a98357e3fdfce92b5ed0c6728489b9992fecb5 from qemu
2018-07-03 01:23:39 -04:00
Richard Henderson 91359e67f9
target/i386: Fix BLSR and BLSI
The implementation of these two instructions was swapped.
At the same time, unify the setup of eflags for the insn group.

Backports commit 13672386a93fef64cfd33bd72fbf3d80f2c00e94 from qemu
2018-07-03 01:22:04 -04:00
Eric Auger 7ecf09a13d
exec: Fix MAP_RAM for cached access
When an IOMMUMemoryRegion is in front of a virtio device,
address_space_cache_init does not set cache->ptr as the memory
region is not RAM. However when the device performs an access,
we end up in glue() which performs the translation and then uses
MAP_RAM. This latter uses the unset ptr and returns a wrong value
which leads to a SIGSEV in address_space_lduw_internal_cached_slow,
for instance.

In slow path cache->ptr is NULL and MAP_RAM must redirect to
qemu_map_ram_ptr((mr)->ram_block, ofs).

As MAP_RAM, IS_DIRECT and INVALIDATE are the same in _cached_slow
and non cached mode, let's remove those macros.

This fixes the use cases featuring vIOMMU (Intel and ARM SMMU)
which lead to a SIGSEV.

Fixes: 48564041a73a (exec: reintroduce MemoryRegion caching)

Backports part of commit a99761d3c85679da380c0f597468acd3dc1b53b3 from
qemu
2018-07-03 01:11:12 -04:00
Stefan Hajnoczi e8b92838fe
compiler: add a sizeof_field() macro
Determining the size of a field is useful when you don't have a struct
variable handy. Open-coding this is ugly.

This patch adds the sizeof_field() macro, which is similar to
typeof_field(). Existing instances are updated to use the macro.

Backports commit f18793b096e69c7acfce66cded483ba9fc01762a from qemu
2018-07-03 01:02:54 -04:00
Yongbok Kim a63e549673
target/mips: Fix data type for offset
Offset can be larger than 16 bit from nanoMIPS,
and immediate field can be larger than 16 bits as well.

Backports commit 72e1f16f18fe62504f8f25d7a3f6813b24b221be from qemu
2018-07-03 01:01:09 -04:00
Yongbok Kim f2d68a4079
target/mips: Update gen_flt_ldst()
Update gen_flt_ldst() in order to reuse the functions for nanoMIPS

Backports commit b52d3bfa2d54d99ef25f6d008815eecc53b67bfe from qemu
2018-07-03 00:59:47 -04:00
Yongbok Kim a246bdb5b3
target/mips: Fix microMIPS on reset
Fix to activate microMIPS on reset when Config3.ISA == {1, 3}

Backports commit 0305d194be1dbda09fa7a7c883894030d07c355f from qemu
2018-07-03 00:57:50 -04:00
Yongbok Kim 872be901d4
target/mips: Raise a RI when given fs is n/a from CTC1
Fix to raise a Reserved Instruction exception when given fs is not
available from CTC1.

Backports commit f48a2cb21824217a61ec7be797860a0702e5325c from qemu
2018-07-03 00:57:09 -04:00
Peter Maydell 4abcf14b52
target/arm: Handle small regions in get_phys_addr_pmsav8()
Allow ARMv8M to handle small MPU and SAU region sizes, by making
get_phys_add_pmsav8() set the page size to the 1 if the MPU or
SAU region covers less than a TARGET_PAGE_SIZE.

We choose to use a size of 1 because it makes no difference to
the core code, and avoids having to track both the base and
limit for SAU and MPU and then convert into an artificially
restricted "page size" that the core code will then ignore.

Since the core TCG code can't handle execution from small
MPU regions, we strip the exec permission from them so that
any execution attempts will cause an MPU exception, rather
than allowing it to end up with a cpu_abort() in
get_page_addr_code().

(The previous code's intention was to make any small page be
treated as having no permissions, but unfortunately errors
in the implementation meant that it didn't behave that way.
It's possible that some binaries using small regions were
accidentally working with our old behaviour and won't now.)

We also retain an existing bug, where we ignored the possibility
that the SAU region might not cover the entire page, in the
case of executable regions. This is necessary because some
currently-working guest code images rely on being able to
execute from addresses which are covered by a page-sized
MPU region but a smaller SAU region. We can remove this
workaround if we ever support execution from small regions.

Backports commit 720424359917887c926a33d248131fbff84c9c28 from qemu
2018-07-03 00:55:37 -04:00
Peter Maydell 5e8e8b9bf8
target/arm: Set page (region) size in get_phys_addr_pmsav7()
We want to handle small MPU region sizes for ARMv7M. To do this,
make get_phys_addr_pmsav7() set the page size to the region
size if it is less that TARGET_PAGE_SIZE, rather than working
only in TARGET_PAGE_SIZE chunks.

Since the core TCG code con't handle execution from small
MPU regions, we strip the exec permission from them so that
any execution attempts will cause an MPU exception, rather
than allowing it to end up with a cpu_abort() in
get_page_addr_code().

(The previous code's intention was to make any small page be
treated as having no permissions, but unfortunately errors
in the implementation meant that it didn't behave that way.
It's possible that some binaries using small regions were
accidentally working with our old behaviour and won't now.)

Backports commit e5e40999b5e03567ef654546e3d448431643f8f3 from qemu
2018-07-03 00:49:51 -04:00
Babu Moger ec6b1f1554
i386: Enable TOPOEXT feature on AMD EPYC CPU
Enable TOPOEXT feature on EPYC CPU. This is required to support
hyperthreading on VM guests. Also extend xlevel to 0x8000001E.

Disable topoext on PC_COMPAT_2_12 and keep xlevel 0x8000000a.

Backports commit e00516475c270dcb6705753da96063f95699abf2 from qemu
2018-07-03 00:32:50 -04:00
Babu Moger b5f47a4884
i386: Fix up the Node id for CPUID_8000_001E
This is part of topoext support. To keep the compatibility, it is better
we support all the combination of nr_cores and nr_threads currently
supported. By allowing more nr_cores and nr_threads, we might end up with
more nodes than we can actually support with the real hardware. We need to
fix up the node id to make this work. We can achieve this by shifting the
socket_id bits left to address more nodes.

Backports commit 631be32155dbafa1fe886f2488127956c9120ba6 from qemu
2018-07-03 00:31:38 -04:00
Konrad Rzeszutek Wilk 475062aca9
i386: Define AMD's no SSB mitigation needed.
AMD future CPUs expose a mechanism to tell the guest that the
Speculative Store Bypass Disable is not needed and that the
CPU is all good.

This is exposed via the CPUID 8000_0008.EBX[26] bit.

See 124441_AMD64_SpeculativeStoreBypassDisable_Whitepaper_final.pdf

A copy of this document is available at
https://bugzilla.kernel.org/show_bug.cgi?id=199889

Backports commit 254790a909a2f153d689bfa7d8e8f0386cda870d from qemu
2018-07-03 00:24:58 -04:00
Konrad Rzeszutek Wilk 0023d048aa
i386: define the AMD 'amd-ssbd' CPUID feature bit
AMD future CPUs expose _two_ ways to utilize the Intel equivalant
of the Speculative Store Bypass Disable. The first is via
the virtualized VIRT_SPEC CTRL MSR (0xC001_011f) and the second
is via the SPEC_CTRL MSR (0x48). The document titled:
124441_AMD64_SpeculativeStoreBypassDisable_Whitepaper_final.pdf

gives priority of SPEC CTRL MSR over the VIRT SPEC CTRL MSR.

A copy of this document is available at
https://bugzilla.kernel.org/show_bug.cgi?id=199889

Anyhow, this means that on future AMD CPUs there will be _two_ ways to
deal with SSBD.

Backports commit a764f3f7197f4d7ad8fe8424269933de912224cb from qemu
2018-07-03 00:24:24 -04:00
Eduardo Habkost bffd8c6244
i386: Remove ospke CPUID flag name
OSPKE is not a static feature flag: it changes dynamically at
runtime depending on CR4, and it was never configurable: KVM
never returned OSPKE on GET_SUPPORTED_CPUID, and on TCG enables
it automatically if CR4_PKE_MASK is set.

Remove OSPKE from the feature name array so users don't try to
configure it manually.

Backports commit 9ccb9784b57804f5c74434ad6ccb66650a015ffc from qemu
2018-07-03 00:23:33 -04:00
Eduardo Habkost f294aa7cb5
i386: Remove osxsave CPUID flag name
OSXAVE is not a static feature flag: it changes dynamically at
runtime depending on CR4, and it was never configurable: KVM
never returned OSXSAVE on GET_SUPPORTED_CPUID, and it is not
included in TCG_EXT_FEATURES.

Remove OSXSAVE from the feature name array so users don't try to
configure it manually.

Backports commit f1a23522b03a569f13aad49294bb4c4b1a9500c7 from qemu
2018-07-03 00:22:32 -04:00
Babu Moger c07a5c06e7
i386: Add support for CPUID_8000_001E for AMD
Add support for cpuid leaf CPUID_8000_001E. Build the config that closely
match the underlying hardware. Please refer to the Processor Programming
Reference (PPR) for AMD Family 17h Model for more details.

Backports commit ed78467a214595a63af7800a073a03ffe37cd7db from qemu
2018-07-03 00:21:23 -04:00
Matthias Maier b27996c799
Revert commit d4e5ec877ca
This commit removes the PYTHON_UTF8 workaround. The problem with setting

LC_ALL= LANG=C LC_CTYPE=en_US.UTF-8

is that the en_US.UTF-8 locale might not be available. In this case
setting above locales results in build errors even though another UTF-8
locale was originally set [1]. The only stable way of fixing the
encoding problem is by specifying the encoding in Python, like the
previous commit does.

[1] https://bugs.gentoo.org/657766

Backports commit 0d6b93deeeb3cc190692d629f5927befdc8b1fb8 from qemu
2018-07-02 23:03:11 -04:00
Markus Armbruster af4b0028b8
qapi: Open files with encoding='utf-8'
Python 2 happily reads UTF-8 files in text mode, but Python 3 requires
either UTF-8 locale or an explicit encoding passed to open(). Commit
d4e5ec877ca fixed this by setting the en_US.UTF-8 locale. Falls apart
when the locale isn't be available.

Matthias Maier and Arfrever Frehtes Taifersar Arahesis proposed to use
binary mode instead, with manual conversion from bytes to str. Works,
but opening with an explicit encoding is simpler, so do that.

Since Python 2's open() doesn't support the encoding parameter, we
need to suppress it with a version check.

Backports commit de685ae5e9a4b523513033bd6cadc8187a227170 from qemu
2018-07-02 23:01:31 -04:00
Anton Nefedov 559833a0d4
qapi: allow empty branches in flat unions
It often happens that just a few discriminator values imply extra data in
a flat union. Existing checks did not make possible to leave other values
uncovered. Such cases had to be worked around by either stating a dummy
(empty) type or introducing another (subset) discriminator enumeration.

Both options create redundant entities in qapi files for little profit.

With this patch it is not necessary anymore to add designated union
fields for every possible value of a discriminator enumeration.

Backports commit 800877bb1639d38ffaebe312a37b61c66bb10c83 from qemu
2018-07-02 22:59:43 -04:00
Marc-André Lureau 6069bb69a7
qapi/events: generate event enum in main module
The event generator produces an enum, and put it in the last visited
module. It fits better in the main module, since it's the set of all
visited events, from all modules.

Backports commit f030ffd39d6c1ea8fff281be5e4b19c819d7ce10 from qemu
2018-06-29 14:19:06 -05:00
Marc-André Lureau e973b88d32
qapi/visit: remove useless prefix argument
Backports commit a48e7542be9ef6dab3c8d52f563298d06ef872c9 from qemu
2018-06-29 14:17:43 -05:00
Julia Suvorova f28514178a
target/arm: Strict alignment for ARMv6-M and ARMv8-M Baseline
Unlike ARMv7-M, ARMv6-M and ARMv8-M Baseline only supports naturally
aligned memory accesses for load/store instructions.

Backports commit 2aeba0d007d33efa12a6339bb140aa634e0d52eb from qemu
2018-06-29 14:15:33 -05:00
Julia Suvorova 65d0e176c3
target/arm: Introduce ARM_FEATURE_M_MAIN
This feature is intended to distinguish ARMv8-M variants: Baseline and
Mainline. ARMv7-M compatibility requires the Main Extension. ARMv6-M
compatibility is provided by all ARMv8-M implementations.

Backports commit cc2ae7c9de14efd72c6205825eb7cd980ac09c11 from qemu
2018-06-29 14:14:18 -05:00
Edgar E. Iglesias dfc6bd6a0b
target-arm: Add the Cortex-R5F
Add the Cortex-R5F with the optional FPU enabled.

Backports commit ebac5458c7517ed7b8ee06eb90beacc7472b295d from qemu
2018-06-29 13:53:31 -05:00
Julia Suvorova 38747fc125
target/arm: Minor cleanup for ARMv6-M 32-bit instructions
The arrays were made static, "if" was simplified because V7M and V8M
define V6 feature.

Backports commit 8297cb13e407db8a96cc7ed6b6a6c318a150759a from qemu
2018-06-29 13:50:30 -05:00
John Arbuckle 22c3206738
tcg/i386: Use byte form of xgetbv instruction
The assembler in most versions of Mac OS X is pretty old and does not
support the xgetbv instruction. To go around this problem, the raw
encoding of the instruction is used instead.

Backports commit 1019242af11400252f6735ca71a35f81ac23a66d from qemu
2018-06-28 13:23:32 -05:00
Julia Suvorova f447a6f668
target/arm: Allow ARMv6-M Thumb2 instructions
ARMv6-M supports 6 Thumb2 instructions. This patch checks for these
instructions and allows their execution.
Like Thumb2 cores, ARMv6-M always interprets BL instruction as 32-bit.

This patch is required for future Cortex-M0 support.

Backports commit 14120108f87b3f9e1beacdf0a6096e464e62bb65 from qemu
2018-06-15 14:12:20 -04:00
Richard Henderson d81cc5f5cd
target/arm: Implement SVE Floating Point Arithmetic - Unpredicated Group
Backports commit 29b80469dc51ae4064e9ef9223967882d2610523 from qemu
2018-06-15 14:10:16 -04:00
Richard Henderson e56db70fee
target/arm: Implement SVE Integer Wide Immediate - Unpredicated Group
Backports commit 6e6a157d683058d86a224cf128320d67b0915365 from qemu
2018-06-15 14:05:11 -04:00
Richard Henderson b5352c6ba1
target/arm: Implement FDUP/DUP
Backports commit ed49196125360c037d7f23c1c315a85cc234e72d from qemu
2018-06-15 13:56:03 -04:00
Richard Henderson 496bb35c97
target/arm: Implement SVE Integer Compare - Scalars Group
Backports commit caf1cefc72be98497e0907d0e07f4327fc641e96 from qemu
2018-06-15 13:54:05 -04:00
Richard Henderson bc55b3e570
target/arm: Implement SVE Predicate Count Group
Backports commit 9ee3a611de28b8d0862fa687215b04b5aad20747 from qemu
2018-06-15 13:49:58 -04:00
Richard Henderson bb930f35b0
target/arm: Implement SVE Partition Break Group
Backports commit 35da316f5e847292ffbe7b6d16cd3988043dfe22 from qemu
2018-06-15 13:42:35 -04:00
Richard Henderson ade246e87b
target/arm: Implement SVE Integer Compare - Immediate Group
Backports commit 38cadeba0daf0f16cf2aeaa5b2752b26fb0676c5 from qemu
2018-06-15 13:35:40 -04:00
Richard Henderson 2969a38d61
target/arm: Implement SVE Integer Compare - Vectors Group
Backports commit 757f9cff1b63895bfd6fc8d66a6e52d7c40baa7b from qemu
2018-06-15 13:29:15 -04:00
Richard Henderson 7211d415a4
target/arm: Implement SVE Select Vectors Group
Backports commit d3fe4a29d754dee73cbf3cb7584db222981179ac from qemu
2018-06-15 13:17:47 -04:00
Richard Henderson 7698c1634e
target/arm: Implement SVE vector splice (predicated)
Backports commit b48ff24098c72f86e187e6abb7e9ca4de40a7fb4 from qemu
2018-06-15 13:14:33 -04:00
Richard Henderson 7d930e8515
target/arm: Implement SVE reverse within elements
Backports commit dae8fb9019d2aa6ccb151a19871df40de6c98e29 from qemu
2018-06-15 13:12:14 -04:00
Richard Henderson 53d151de58
target/arm: Implement SVE copy to vector (predicated)
Backports commit 792a557847697235037fea30eaaacb9b45b4c9e5 from qemu
2018-06-15 13:03:36 -04:00
Richard Henderson 0bb2fdd752
target/arm: Implement SVE conditionally broadcast/extract element
Backports commit ef23cb726dc32375bc2fca7ac3e9f34816f6ee13 from qemu
2018-06-15 13:01:40 -04:00
Richard Henderson 8ba3bde59b
target/arm: Implement SVE compress active elements
Backports commit 3ca879aeb3412bc2be35d01a7bedf5fada960b5d from qemu
2018-06-15 12:52:19 -04:00
Richard Henderson d9ed221567
target/arm: Implement SVE Permute - Interleaving Group
Backports commit 234b48e9c68759aea78ff5a1e49c2ba806cd1d83 from qemu
2018-06-15 12:49:42 -04:00
Richard Henderson 3722ab310b
target/arm: Implement SVE Permute - Predicates Group
Backports commit d731d8cb3c74258669211f065c918353eb7b8f4a from qemu
2018-06-15 12:44:50 -04:00
Richard Henderson c57ff23c56
target/arm: Implement SVE Permute - Unpredicated Group
Backports commit 30562ab716bcec0bf718b47b5268949856b17604 from qemu
2018-06-15 12:37:56 -04:00
Richard Henderson 4dc2b5ea79
target/arm: Extend vec_reg_offset to larger sizes
Rearrange the arithmetic so that we are agnostic about the total size
of the vector and the size of the element. This will allow us to index
up to the 32nd byte and with 16-byte elements.

Backports commit 66f2dbd783d0b6172043e3679171421b2d0bac11 from qemu
2018-06-15 12:23:35 -04:00
Peter Maydell 0a23259560
exec.c: Use stn_p() and ldn_p() instead of explicit switches
Now we have stn_p() and ldn_p() we can use them in various
functions in exec.c that used to have their own switch-on-size code.

Backports commit 6d3ede5410e05c5f6221dab1daf99164fd6bf879 from qemu
2018-06-15 12:20:59 -04:00
Peter Maydell cb879422e9
exec.c: Don't accidentally sign-extend 4-byte loads in subpage_read()
In subpage_read() we perform a load of the data into a local buffer
which we then access using ldub_p(), lduw_p(), ldl_p() or ldq_p()
depending on its size, storing the result into the uint64_t *data.
Since ldl_p() returns an 'int', this means that for the 4-byte
case we will sign-extend the data, whereas for 1 and 2 byte
reads we zero-extend it.

This ought not to matter since the caller will likely ignore values in
the high bytes of the data, but add a cast so that we're consistent.

Backports commit 22672c6075a16d1998e37686f02ed4bd2fb30f78 from qemu
2018-06-15 12:18:40 -04:00
Peter Maydell 8295b228e3
bswap: Add new stn_*_p() and ldn_*_p() memory access functions
There's a common pattern in QEMU where a function needs to perform
a data load or store of an N byte integer in a particular endianness.
At the moment this is handled by doing a switch() on the size and
calling the appropriate ld*_p or st*_p function for each size.

Provide a new family of functions ldn_*_p() and stn_*_p() which
take the size as an argument and do the switch() themselves.

Backports commit afa4f6653dca095f63f3fe7f2001e9334f5676c1 from qemu
2018-06-15 12:17:21 -04:00
Peter Maydell 61a7ac6948
cpu-defs.h: Document CPUIOTLBEntry 'addr' field
The 'addr' field in the CPUIOTLBEntry struct has a rather non-obvious
use; add a comment documenting it (reverse-engineered from what
the code that sets it is doing).

Backports commit ace4109011b4912b24e76f152e2cf010e78819c5 from qemu
2018-06-15 12:07:39 -04:00
Peter Maydell 7a6ae26346
cputlb: Pass cpu_transaction_failed() the correct physaddr
The API for cpu_transaction_failed() says that it takes the physical
address for the failed transaction. However we were actually passing
it the offset within the target MemoryRegion. We don't currently
have any target CPU implementations of this hook that require the
physical address; fix this bug so we don't get confused if we ever
do add one.

Backports commit 2d54f19401bc54b3b56d1cc44c96e4087b604b97 from qemu
2018-06-15 12:03:23 -04:00
Nicholas Piggin 1a9d9e3547
osdep: powerpc64 align memory to allow 2MB radix THP page tables
This allows KVM with the Book3S radix MMU mode to take advantage of
THP and install larger pages in the partition scope page tables (the
host translation).

Backports commit 0c1272cc7c72dfe0ef66be8f283cf67c74b58586 from qemu
2018-06-15 11:53:55 -04:00
Babu Moger d4ad9e37a2
i386: Populate AMD Processor Cache Information for cpuid 0x8000001D
Add information for cpuid 0x8000001D leaf. Populate cache topology information
for different cache types (Data Cache, Instruction Cache, L2 and L3) supported
by 0x8000001D leaf. Please refer to the Processor Programming Reference (PPR)
for AMD Family 17h Model for more details.

Backports commit 8f4202fb1080f86958782b1fca0bf0279f67d136 from qemu
2018-06-15 11:52:28 -04:00
Eduardo Habkost 7837f23cd9
i386: Clean up cache CPUID code
Always initialize CPUCaches structs with cache information, even
if legacy_cache=true. Use different CPUCaches struct for
CPUID[2], CPUID[4], and the AMD CPUID leaves.

This will simplify a lot the logic inside cpu_x86_cpuid()

Backports commit a9f27ea9adc8c695197bd08f2e938ef7b4183f07 from qemu
2018-06-15 11:51:09 -04:00
Richard Henderson 1a91edd263
target/m68k: Merge disas_m68k_insn into m68k_tr_translate_insn
Backports commit a56f36c1d2bccbc50a53fa8093b93d205607f1b8 from qemu
2018-06-15 11:40:18 -04:00
Richard Henderson a8540a30d2
target/m68k: Improve ending TB at page boundaries
Rather than limit total TB size to PAGE-32 bytes, end the TB when
near the end of a page. This should provide proper semantics of
SIGSEGV when executing near the end of a page.

Backports commit 4c7a0f6f34869b3dfe7091d28ff27a8dfbdd8b70 from qemu
2018-06-15 11:36:08 -04:00
Richard Henderson c42ca54685
target/m68k: Convert to TranslatorOps
Backports commit 11ab74b01e0a8ea4973eed89c6b90fa6e4fb9fb6 from qemu
2018-06-15 11:35:31 -04:00
Richard Henderson f4432cbca7
target/m68k: Convert to DisasContextBase
Removed ctx->insn_pc in favour of ctx->base.pc_next.
Yes, it is annoying, but didn't want to waste its 4 bytes.

Backports commit a575cbe01caecf22ab322a9baa5930a6d9e39ca6 from qemu
2018-06-15 11:25:23 -04:00
Richard Henderson 0445fcf34a
target/m68k: Rename DISAS_UPDATE and gen_lookup_tb
The name gen_lookup_tb is at odds with tcg_gen_lookup_and_goto_tb.
For these cases, we do indeed want to exit back to the main loop.
Similarly, DISAS_UPDATE performs no actual update, whereas DISAS_EXIT
does what it says.

Backports commit 4106f26e95c83b8759c3fe61a4d3a1fa740db0a9 from qemu
2018-06-15 10:50:34 -04:00
Richard Henderson 90b3770665
target/m68k: Use lookup_and_goto_tb for DISAS_JUMP
These are all indirect or out-of-page direct jumps.
We can indirectly chain to the next TB without going
back to the main loop.

Backports commit 8aaf7da9c3b1f282b5a123de3e87a2e6ca87f3b9 from qemu
2018-06-15 10:48:18 -04:00
Richard Henderson c2fe05f7d9
target/m68k: Remove DISAS_JUMP_NEXT as unused
Backports commit 707ddb5ac6f91309ff6ed6bec988ed8100846f50 from qemu
2018-06-15 10:46:26 -04:00
Richard Henderson 76b8bd614d
target/m68k: Replace DISAS_TB_JUMP with DISAS_NORETURN
We have exited the TB after using goto_tb; there is no
distinction from DISAS_NORETURN.

Backports commit 825340f5659647deb62743c3cb479ec8d78f1862 from qemu
2018-06-15 10:45:33 -04:00
Richard Henderson 3c01ea765d
target/m68k: Use DISAS_NORETURN for exceptions
The raise_exception helper does not return. Do not generate
any code following that.

Backports commit cb4add334a5a8db263c20c33c5365be3868f8967 from qemu
2018-06-15 10:44:07 -04:00
Philippe Mathieu-Daudé 145174a359
target/m68k: Add trailing '\n' to qemu_log() call
Backports commit 21528149eba03fc17f428a8e1660d8666683ca85 from qemu
2018-06-08 19:25:21 -04:00
Philippe Mathieu-Daudé 5992214b3b
target/arm: Add trailing '\n' to qemu_log() calls
Backports commit 0221c8fdf2321137b34bd4dbb2557d0725739822 from qemu
2018-06-08 19:24:38 -04:00
Fam Zheng 666130cb41
Makefile: Rename TARGET_DIRS to TARGET_LIST
To be more accurate on its purpose and make code that looks for a certain
target out of this variable more readable.

Backports commit 208ecb3e1acc8d55dab49fdf721a86d513691688 from qemu
2018-06-08 19:22:45 -04:00
Richard Henderson 10e2b13650
tcg: Pass tb and index to tcg_gen_exit_tb separately
Do the cast to uintptr_t within the helper, so that the compiler
can type check the pointer argument. We can also do some more
sanity checking of the index argument.

Backports commit 07ea28b41830f946de3841b0ac61a3413679feb9 from qemu
2018-06-07 11:56:32 -04:00
Paolo Bonzini 330bb60809
tcg: remove softfloat from --disable-tcg builds
Even though the presence of softfloat does not cause --disable-tcg builds to fail,
it is the single largest .o file in them. Remove it, since TCG is the only client.

Backports commit 8f971cf0c9265fa5d9f06a195f119237e403c0ce from qemu
2018-06-07 11:49:35 -04:00
Peter Maydell 76fd93726c
exec.c: Initialize sa_flags passed to sigaction()
Coverity points out that in the user-only version of cpu_abort() we
call sigaction() with a partially initialized struct sigaction
(CID 1005351). Correct the omission.

Backports commit 8347c18506c3f8619527d19134cb4aac071dc54a from qemu
2018-06-07 11:47:08 -04:00
Richard Henderson 533a3f6a6c
tcg: Fix helper function vs host abi for float16
Depending on the host abi, float16, aka uint16_t, values are
passed and returned either zero-extended in the host register
or with garbage at the top of the host register.

The tcg code generator has so far been assuming garbage, as that
matches the x86 abi, but this is incorrect for other host abis.
Further, target/arm has so far been assuming zero-extended results,
so that it may store the 16-bit value into a 32-bit slot with the
high 16-bits already clear.

Rectify both problems by mapping "f16" in the helper definition
to uint32_t instead of (a typedef for) uint16_t. This forces
the host compiler to assume garbage in the upper 16 bits on input
and to zero-extend the result on output.

Backports commit 6c2be133a7478e443c99757b833d0f265c48e0a6 from qemu
2018-06-02 10:10:12 -04:00
Peter Maydell 0f0b2e0bd8
target/arm: Honour FPCR.FZ in FRECPX
The FRECPX instructions should (like most other floating point operations)
honour the FPCR.FZ bit which specifies whether input denormals should
be flushed to zero (or FZ16 for the half-precision version).
We forgot to implement this, which doesn't affect the results (since
the calculation doesn't actually care about the mantissa bits) but did
mean we were failing to set the FPSR.IDC bit.

Backports commit 2cfbf36ec07f7cac1aabb3b86f1c95c8a55424ba from qemu
2018-06-02 10:02:57 -04:00
Konrad Rzeszutek Wilk a08dcb8aa6
i386: define the AMD 'virt-ssbd' CPUID feature bit (CVE-2018-3639)
AMD Zen expose the Intel equivalant to Speculative Store Bypass Disable
via the 0x80000008_EBX[25] CPUID feature bit.

This needs to be exposed to guest OS to allow them to protect
against CVE-2018-3639.

Backports commit 403503b162ffc33fb64cfefdf7b880acf41772cd from qemu
2018-05-22 16:58:25 -04:00
Konrad Rzeszutek Wilk 860411e045
i386: Define the Virt SSBD MSR and handling of it (CVE-2018-3639)
"Some AMD processors only support a non-architectural means of enabling
speculative store bypass disable (SSBD). To allow a simplified view of
this to a guest, an architectural definition has been created through a new
CPUID bit, 0x80000008_EBX[25], and a new MSR, 0xc001011f. With this, a
hypervisor can virtualize the existence of this definition and provide an
architectural method for using SSBD to a guest.

Add the new CPUID feature, the new MSR and update the existing SSBD
support to use this MSR when present." (from x86/speculation: Add virtualized
speculative store bypass disable support in Linux).

Backports commit cfeea0c021db6234c154dbc723730e81553924ff from qemu
2018-05-22 16:57:39 -04:00
Daniel P. Berrangé 795bcc7de3
i386: define the 'ssbd' CPUID feature bit (CVE-2018-3639)
New microcode introduces the "Speculative Store Bypass Disable"
CPUID feature bit. This needs to be exposed to guest OS to allow
them to protect against CVE-2018-3639.

Backports commit d19d1f965904a533998739698020ff4ee8a103da from qemu
2018-05-22 16:56:41 -04:00
Philippe Mathieu-Daudé 752fd5dd12
typedefs: Remove PcGuestInfo from qemu/typedefs.h
It is long gone since e4e8ba04c2007 ...

Backports commit 201376cb9e500f64209444cb95f566679c0f54a2 from qemu
2018-05-22 00:32:07 -04:00
Murilo Opsfelder Araujo 3a3aa9e23d
HACKING: document preference for g_new instead of g_malloc
This patch documents the preference for g_new instead of g_malloc. The
reasons were adapted from commit b45c03f585ea9bb1af76c73e82195418c294919d.

Discussion in QEMU's mailing list:
http://lists.nongnu.org/archive/html/qemu-devel/2018-05/msg03238.html

Backports commit f7c922ed3d8e3cb54febbdc594ce9f4400e0d290 from qemu
2018-05-22 00:30:50 -04:00
Emilio G. Cota 7e8902eccc
tcg: fix s/compliment/complement/ typos
Backports commit 1d349821551c2da4dfefe36c6ac17319f33ebbd5 from qemu
2018-05-22 00:29:51 -04:00
Richard Henderson 6835b2dd13
target/arm: Implement SVE Permute - Extract Group
Backports commit b94f8f60bd841c5b737185cd38263e26822f77ab from qemu
2018-05-20 05:26:55 -04:00
Richard Henderson 9917f0d536
target/arm: Implement SVE Integer Wide Immediate - Predicated Group
Backports commit f25a2361539626721dbccce14c077cad03b2e72c from qemu
2018-05-20 05:24:04 -04:00